Versions Compared

Version Old Version 15 New Version 16
Changes made by

Harsh Bansal

Harsh Bansal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Exposing ip via load balancer in the following steps makes it public.

Example setup to secure client authentication

HiveMQ recommends securing the authentication and authorisation of clients for production environment. E.g. Setting up ESE Extension using HiveMQ Operator

Please check out HiveMQ authentication and authorisation extensions to control client access and scope. https://www.hivemq.com/products/extensions/

  1. Open values.yaml and search for port 1883 under hivemq.ports.port

    Code Block
    ports:
    - name: "mqtt"
      port: 1883
      expose: true
      patch:
        - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
        # If you want Kubernetes to expose the MQTT port to external traffic
        # - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'

  2. Uncomment and expose the loadbalancer

    Code Block
    ports:
    - name: "mqtt"
      port: 1883
      expose: true
      patch:
        - '[{"op":"add","path":"/spec/selector/hivemq.com~1node-offline","value":"false"},{"op":"add","path":"/metadata/annotations","value":{"service.spec.externalTrafficPolicy":"Local"}}]'
        # If you want Kubernetes to expose the MQTT port to external traffic
        - '[{"op":"add","path":"/spec/type","value":"LoadBalancer"}]'

  3. Save the file and apply the changes

    Code Block
    helm upgrade hivemq --install hivemq/hivemq-operator --values values.yaml

  4. Check if the service for port 1883 has an external IP address (98.67.128.195 in our case)

    Code Block
    kubectl get services

...